Fix record encryptor trying to decrypt or decode non-String values

[ahukkanen]

🎩 What? Why?

Currently the record decryption fails if the unencrypted values are something else than a String or something that can be converted to a String as explained at:
#7487 (comment)

This checks the type of the value before passing it to decryption or to JSON decoding for hash values.

📌 Related Issues

• Related to Encrypt authorization metadata #6947
• Fixes Can't migrate the DB after #6947 #7487 (comment)

Testing

See the testing instructions at: #7488

But for the authorization record, add deeper hash values to match this case:

Decidim::Authorization.create!(
  user: Decidim::User.first,
  name: "postal_code",
  metadata: {},
  verification_metadata: {
    foo: { bar: "baz" }
  }
)

📋 Checklist

• ❓ CONSIDER adding a unit test if your PR resolves an issue.
• ✔️ DO check open PR's to avoid duplicates.
• ✔️ DO keep pull requests small so they can be easily reviewed.
• ✔️ DO build locally before pushing.
• ✔️ DO make sure tests pass.
• ✔️ DO make sure any new changes are documented in docs/.
• ✔️ DO add and modify seeds if necessary.
• ✔️ DO add CHANGELOG upgrade notes if required.
• ✔️ DO add to GraphQL API if there are new public fields.
• ✔️ DO add link to MetaDecidim if it's a new feature.
• ❌AVOID breaking the continuous integration build.
• ❌AVOID making significant changes to the overall architecture.

[mrcasals]

Yay, @ahukkanen! thank you so much for the quick fixes on this! ❤️

[mrcasals]

This needs to be backported to 0.24.

[ahukkanen]

@mrcasals Note that I changed the fix a bit. I moved the value type check to Decidim::AttributeEncryptor.

[mrcasals]

Awesome, thanks @ahukkanen. I'll wait until this is merged to create the backport 😄